2013-04-29 88 views
34

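Rails raises ArgumentError: invalid %-encoding

For the past month, a bot has been regularly scraping our site and causing a bunch of ArgumentError: invalid %-encoding errors, because the URLs it requests are malformed. I have looked at a bunch of issues on Rack (here, here) and Rails (here), and at this SO thread, but there doesn't seem to be a clear solution. Is there a proper solution for GET errors? Do I need to monkeypatch Rack?

Edit: here is a backtrace: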

/usr/local/lib/ruby/1.9.1/uri/common.rb:898:in `decode_www_form_component' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/utils.rb:41:in `unescape' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/utils.rb:94:in `block (2 levels) in parse_nested_query' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/utils.rb:94:in `map' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/utils.rb:94:in `block in parse_nested_query' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/utils.rb:93:in `each' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/utils.rb:93:in `parse_nested_query' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/request.rb:332:in `parse_query' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/http/request.rb:269:in `parse_query' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/request.rb:186:in `GET' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/http/request.rb:225:in `GET' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/http/parameters.rb:10:in `parameters' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/http/filter_parameters.rb:33:in `filtered_parameters' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_controller/metal/instrumentation.rb:21:in `process_action' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_controller/metal/params_wrapper.rb:207:in `process_action' 
[GEM_ROOT]/gems/activerecord-3.2.12/lib/active_record/railties/controller_runtime.rb:18:in `process_action' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/abstract_controller/base.rb:121:in `process' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/abstract_controller/rendering.rb:45:in `process' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_controller/metal.rb:203:in `dispatch' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_controller/metal/rack_delegation.rb:14:in `dispatch' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_controller/metal.rb:246:in `block in action' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/routing/route_set.rb:73:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/routing/route_set.rb:73:in `dispatch' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/routing/route_set.rb:36:in `call' 
[GEM_ROOT]/gems/journey-1.0.4/lib/journey/router.rb:68:in `block in call' 
[GEM_ROOT]/gems/journey-1.0.4/lib/journey/router.rb:56:in `each' 
[GEM_ROOT]/gems/journey-1.0.4/lib/journey/router.rb:56:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/routing/route_set.rb:601:in `call' 
[GEM_ROOT]/gems/omniauth-1.1.1/lib/omniauth/strategy.rb:177:in `call!' 
[GEM_ROOT]/gems/omniauth-1.1.1/lib/omniauth/strategy.rb:157:in `call' 
[GEM_ROOT]/gems/sass-3.2.7/lib/sass/plugin/rack.rb:54:in `call' 
[GEM_ROOT]/gems/warden-1.2.1/lib/warden/manager.rb:35:in `block in call' 
[GEM_ROOT]/gems/warden-1.2.1/lib/warden/manager.rb:34:in `catch' 
[GEM_ROOT]/gems/warden-1.2.1/lib/warden/manager.rb:34:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/best_standards_support.rb:17:in `call' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/etag.rb:23:in `call' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/conditionalget.rb:25:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/head.rb:14:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/params_parser.rb:21:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/flash.rb:242:in `call' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/session/abstract/id.rb:210:in `context' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/session/abstract/id.rb:205:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/cookies.rb:341:in `call' 
[GEM_ROOT]/gems/activerecord-3.2.12/lib/active_record/query_cache.rb:64:in `call' 
[GEM_ROOT]/gems/activerecord-3.2.12/lib/active_record/connection_adapters/abstract/connection_pool.rb:479:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/callbacks.rb:28:in `block in call' 
[GEM_ROOT]/gems/activesupport-3.2.12/lib/active_support/callbacks.rb:405:in `_run__497203393471184793__call__4495106819278994598__callbacks' 
[GEM_ROOT]/gems/activesupport-3.2.12/lib/active_support/callbacks.rb:405:in `__run_callback' 
[GEM_ROOT]/gems/activesupport-3.2.12/lib/active_support/callbacks.rb:385:in `_run_call_callbacks' 
[GEM_ROOT]/gems/activesupport-3.2.12/lib/active_support/callbacks.rb:81:in `run_callbacks' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/callbacks.rb:27:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/remote_ip.rb:31:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/show_exceptions.rb:56:in `call' 
[GEM_ROOT]/gems/railties-3.2.12/lib/rails/rack/logger.rb:32:in `call_app' 
[GEM_ROOT]/gems/railties-3.2.12/lib/rails/rack/logger.rb:16:in `block in call' 
[GEM_ROOT]/gems/activesupport-3.2.12/lib/active_support/tagged_logging.rb:22:in `tagged' 
[GEM_ROOT]/gems/railties-3.2.12/lib/rails/rack/logger.rb:16:in `call' 
[GEM_ROOT]/gems/actionpack-3.2.12/lib/action_dispatch/middleware/request_id.rb:22:in `call' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/methodoverride.rb:21:in `call' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/runtime.rb:17:in `call' 
[GEM_ROOT]/gems/activesupport-3.2.12/lib/active_support/cache/strategy/local_cache.rb:72:in `call' 
[GEM_ROOT]/gems/rack-1.4.5/lib/rack/lock.rb:15:in `call' 
[GEM_ROOT]/gems/rack-cache-1.2/lib/rack/cache/context.rb:136:in `forward' 
[GEM_ROOT]/gems/rack-cache-1.2/lib/rack/cache/context.rb:143:in `pass' 
[GEM_ROOT]/gems/rack-cache-1.2/lib/rack/cache/context.rb:172:in `rescue in lookup' 
[GEM_ROOT]/gems/rack-cache-1.2/lib/rack/cache/context.rb:168:in `lookup' 
[GEM_ROOT]/gems/rack-cache-1.2/lib/rack/cache/context.rb:66:in `call!' 
[GEM_ROOT]/gems/rack-cache-1.2/lib/rack/cache/context.rb:51:in `call' 
[GEM_ROOT]/gems/railties-3.2.12/lib/rails/engine.rb:479:in `call' 
[GEM_ROOT]/gems/railties-3.2.12/lib/rails/application.rb:223:in `call' 
[GEM_ROOT]/gems/railties-3.2.12/lib/rails/railtie/configurable.rb:30:in `method_missing' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/rack/request_handler.rb:96:in `process_request' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_request_handler.rb:516:in `accept_and_process_next_request' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_request_handler.rb:274:in `main_loop' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/rack/application_spawner.rb:206:in `start_request_handler' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/rack/application_spawner.rb:171:in `block in handle_spawn_application' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/utils.rb:479:in `safe_fork' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/rack/application_spawner.rb:166:in `handle_spawn_application' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server.rb:180:in `start' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/rack/application_spawner.rb:129:in `start' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/spawn_manager.rb:253:in `block (2 levels) in spawn_rack_application' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server_collection.rb:132:in `lookup_or_add' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/spawn_manager.rb:246:in `block in spawn_rack_application' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server_collection.rb:82:in `block in synchronize' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/spawn_manager.rb:244:in `spawn_rack_application' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/spawn_manager.rb:137:in `spawn_application' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/spawn_manager.rb:275:in `handle_spawn_application' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously' 
/usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/helper-scripts/passenger-spawn-server:99:in `<main>' 
+0

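It might be fixed in the latest version of Rack. It seems that several of the bugs, including the one I commented on when I had this problem 2 years ago (https://github.com/rack/rack/issues/225#issuecomment-2594611), have been closed. Is blocking the bot an option? – 2013-06-05 19:04:04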

+0

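Unfortunately, I tried upgrading to the latest Rack and still saw the problem (and then downgraded again, because I had to disable some other gems). It comes from multiple IP addresses, so it turns into a game of whack-a-mole, plus I'm hoping there is a better way. :) – 2013-06-06 00:25:34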

+0

Can you share a backtrace? – 2013-06-07 21:33:17

Answers

5

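You can inject middleware designed to detect these and fail gracefully. The basic idea is to try parsing the query string and, if that fails, respond with HTTP 400; otherwise, just let the request through.

class RefuseInvalidRequest
  def initialize(app)
    @app = app
  end

  def call(env)
    # parse_nested_query raises on a malformed %-escape; map that to a sentinel
    query = Rack::Utils.parse_nested_query(env['QUERY_STRING'].to_s) rescue :bad_query
    if query == :bad_query
      # A Rack body must respond to #each, which a bare String does not on Ruby 1.9+
      [400, {'Content-Type' => 'text/plain'}, ["Bad Request"]]
    else
      @app.call(env)
    end
  end
end

I haven't tested this, but the concept should work.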

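+1

It doesn't work in my development environment. I don't know why, but it only shows '!! Invalid request' in the log. I also tried adding a 'puts' of 'called' in 'def initialize', and it doesn't output 'called' in the log. Only '! Invalid request'. And yes, I have added 'config.middleware.use("RefuseInvalidRequest")' to my application.rb. Wondering why this happens – Yana 2014-02-24 03:38:33

+0

Maybe you aren't injecting the middleware high enough in the middleware stack. – 2014-02-24 04:01:26

+0

'Rack.middleware.insert_before Rack::Runtime, "RefuseInvalidRequest"'. That is the highest one I can insert before. Actually the highest are 'Rack::MiniProfiler' and 'Honeybadger', but I can't insert before those. Still the same output. Check out my old question for the logs: http://stackoverflow.com/questions/21229499/custom-message-or-redirection-for-400-bad-request-because-of-unexcaped-on-par – Yana 2014-02-24 06:59:46

5

If you don't mind monkeypatching Rack, then create a file in config/initializers (for example rack.rb) with this content:

module Rack
  module Utils
    # On malformed input, escape the string first (every '%' becomes '%25')
    # so it decodes to the literal text instead of raising.
    # URI.encode is available on the Ruby 1.9 used here; it was removed in Ruby 3.0.
    if defined?(::Encoding)
      def unescape(s, encoding = Encoding::UTF_8)
        begin
          URI.decode_www_form_component(s, encoding)
        rescue ArgumentError
          URI.decode_www_form_component(URI.encode(s), encoding)
        end
      end
    else
      def unescape(s, encoding = nil)
        begin
          URI.decode_www_form_component(s, encoding)
        rescue ArgumentError
          URI.decode_www_form_component(URI.encode(s), encoding)
        end
      end
    end
    module_function :unescape
  end
end

P.S.:

It works with Passenger, but not with WEBrick and Thin. It looks like WEBrick and Thin also parse the request, so the failure happens before the initializers are loaded. For example, the Thin error occurs at thin-1.6.2/lib/thin/request.rb:84.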
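
A variant of the middleware idea from the first answer, as an added example that is not code from the thread: it validates the query string with Ruby's standard URI.decode_www_form_component only (no Rack dependency) and returns an Array body. It goes beyond the thread by also refusing escapes that decode to invalid UTF-8 and by counting refusals per client address; the class name RejectMalformedQuery, its rejected counter and the sample requests are assumptions made for illustration.

```ruby
require 'uri'

# Added example (not from the thread). RejectMalformedQuery and its
# per-address counter are illustrative names, not a Rack or Rails API.
class RejectMalformedQuery
  attr_reader :rejected # remote address => number of requests refused

  def initialize(app)
    @app = app
    @rejected = Hash.new(0)
    @lock = Mutex.new
  end

  def call(env)
    reason = query_problem(env['QUERY_STRING'].to_s)
    return @app.call(env) unless reason

    @lock.synchronize { @rejected[env['REMOTE_ADDR'].to_s] += 1 }
    body = "Bad Request: #{reason}\n" # fixed text only, the query is never echoed
    headers = { 'Content-Type' => 'text/plain', 'Content-Length' => body.bytesize.to_s }
    [400, headers, [body]] # body must respond to #each, so wrap it in an Array
  end

  # Returns nil for a well-formed query string, otherwise a short reason.
  def query_problem(query)
    query.split(/[&;]/).each do |pair|
      pair.split('=', 2).each do |part|
        # Raises ArgumentError when '%' is not followed by two hex digits.
        decoded = URI.decode_www_form_component(part)
        return 'invalid UTF-8' unless decoded.valid_encoding?
      end
    end
    nil
  rescue ArgumentError
    'invalid %-encoding'
  end
end

if __FILE__ == $PROGRAM_NAME
  ok_app = ->(_env) { [200, { 'Content-Type' => 'text/plain' }, ['ok']] }
  guard = RejectMalformedQuery.new(ok_app)
  # Constructed sample requests; 192.0.2.10 is a documentation address.
  ['q=100%25', 'q=100%', 'a=1&b=%zz', 'name=%FF'].each do |qs|
    status, = guard.call({ 'QUERY_STRING' => qs, 'REMOTE_ADDR' => '192.0.2.10' })
    puts "#{qs} -> #{status}"
  end
  puts guard.rejected.inspect
end
```

In a Rails application the class has to sit above every middleware that reads request parameters, which is the placement problem discussed in the comments on the first answer. It inspects only the query string, not form bodies or cookies.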